Best Practices for Installing Patches and Software Updates

By: Alex Rubenstein March 17, 2017

Whether you are operating computers and applications in business or for personal use, eventually you are going to have to install patches and software updates. It’s a fact of life – even the most meticulously written program or operating system is subject to the constant whims of change in the technology world, especially now that software hacks and data breaches are becoming more and more widely publicized. Today we are going to discuss the best practices for installing patches and software updates for both personal and corporate environments.

Personal Computing Best Practices

We understand that patch and software updates can be a nuisance sometimes, especially when you want to simply sit down and surf the web or write an email. However, don’t neglect the security of your computer and network for a little convenience. Security patches and software updates are pushed to computers in order to fix vulnerabilities which can be exploited by hackers to steal your personal data! So, while it isn’t imperative to have patches installed as soon as they are available, it is ideal to install them as soon as you are able to do so.

Alternatively, you can set your Windows or Mac operating systems to use “automatic updates” to eliminate some of the hassle (you can view how to set up automatic updates on your Windows PC here and Mac OS here).

Business Computing Best Practices

If you are curious on best practices for patches and software updates at the business level, here is HTA’s approach for our managed service clients. On the one hand, it’s important to take all necessary precautions against the threat posed by a cyberattack. On the other hand, your entire system could be brought down by deploying a bad patch. This stresses the importance for business users to focus their efforts on patches that close vulnerabilities, not necessarily on those that add functionality or features. Here are a couple of best practice points to implement in your organization.

Third Party Applications: According to experts, 76% of vulnerabilities are related to third party applications (the numbers for Microsoft Office and Windows were at around 16% and 8%, respectively). So, third party patch management should be a central focus of your security strategy. (Note: Third party applications include Java, Adobe, Firefox, etc.)

The 5% Rule: This rule states that a single patch policy will apply to about 95% [most] of the systems you manage. The remaining 5% may consist of systems which should not follow this policy (e.g. a database or application server) and patching these systems will need to be handled differently. Some administrators may choose to manage these systems individually, so that the required discretion is applied on a case-by-case basis. However, it is more efficient to create special groups or policies to handle these exceptions.

Staging Patch Deployment: Don’t just push patch updates to all of your systems at once! This can be a recipe for failure of your entire network. Take the patch updates in stages, starting with a few trusted internal systems, followed by a sample of production systems to test compatibility with your business applications. When approved, release to the rest of your systems.

For more information about how to handle patches and software updates in a business setting, check out this article.

HOWARD TECH ADVISORS: YOUR PARTNER IN TECH

At Howard Tech Advisors, we manage your IT infrastructure so that you don’t have to. Whether you need assistance creating a disaster recovery plan or you’d like to outsource your IT needs, we can help! Keep up with our weekly blog to stay up-to-date on the latest tech trends, security information you need to know to stay safe online, and tips and tricks to effectively navigating an increasingly mobile world.